<%@page import="cn.ticket.Constant"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
	pageEncoding="UTF-8"%>
<%@page import="org.apache.catalina.Session"%>
<%@ page import="java.sql.Date,java.sql.*"%>
<%@ page import="cn.ticket.db.DBConnect"%>
<%@ page import="cn.ticket.util.StringUtil"%>
<%@ page import="cn.ticket.util.CommonEncryption"%>
<% 
Object name_ = session.getAttribute("login_user_name" ) ;
if(null==name_){
	session.setAttribute("errorinfo", "用户未登录,请登录后再操作.") ;
	%>
	<<jsp:forward page="../result.jsp"></jsp:forward>
	<%
}else{
	String name = (String)name_ ;
String o_password = request.getParameter("o_password") ;
String password = request.getParameter("password") ;
String re_password = request.getParameter("re_password") ;

if(null==o_password || "".equals(o_password) || null==password || "".equals(password)  || null==re_password || "".equals(re_password) ){
	System.out.println("wtdkfasjdflk asjdfpo foi erioqwej ") ;
		session.setAttribute("errorinfo", Constant.ERRORINFO_PARAMETERNULL) ;
		%>
		<jsp:forward page="../result.jsp" />
		<%
	}else{
		o_password = new CommonEncryption().encryptByMD5toSHA1(o_password) ;
		password = new CommonEncryption().encryptByMD5toSHA1(password) ;
	}
	Connection con = new DBConnect().DBConnection() ;
	PreparedStatement pst=null ;
	PreparedStatement pstmt=null ;
	try {
		String sql = "select password from user where name=? and (status=0 or status=1)" ;
		pstmt =  con.prepareStatement(sql) ;
		pstmt.setString(1,name) ;
		ResultSet rs = pstmt.executeQuery() ;
		if(rs.next()){
			if(o_password.equals(rs.getString(1))){
				sql="update user set password=? where name=?" ;
				 pst =  con.prepareStatement(sql) ;
				pst.setString(1, password) ;
				pst.setString(2,name) ;
				pst.executeUpdate() ;
				pst.close();
				%>
				<jsp:forward page="passwordUpdate.jsp?result=success" />
			<%
			}else{
				%>
				<jsp:forward page="passwordUpdate.jsp?result=error" />
			<%	
			}
		}else{
			request.setAttribute("errorinfo", "账号or密码不正确,请重新确认后再操作.") ;
		%>
		<jsp:forward page="../result.jsp" />
		<%
	}
		pstmt.close() ;
		con.close() ;
	}catch(Exception e){
		System.out.print("发生异常了."+e) ;
		session.setAttribute("errorinfo", Constant.ERRORINFO_NETERROR) ;
		%>
		<jsp:forward page="../result.jsp" />
	<%
	}
}
%>